Why all the Hassle? Two Simple Steps to Secure Your Wi-Fi Network

Setting up a new wireless router, or seeking to better secure your existing Wi-Fi? Perusing the Internet will provide you with all sorts of information on the "necessary" steps required for protecting wireless networks, but some of the advice you will find may result in a complications and instill a false sense of security, according to analyst Chris Hoffman, who sought to debunk some of the most prevalent myths about Wi-Fi security in a recent article.

Hiding SSIDs

One of the most widely held beliefs is that users need to take advantage of the option to hide a wireless network’s SSID, which Hoffman says is a complete waste of time. Hiding a network's SSID does not provide added protection, but instead creates a condition where your devices will be announcing the network's name as they search to see if they are in range of the router.

Hoffman says that monitoring tools available can readily detect the SSID from these attempts to locate your network, so opting to hide the network's name provides no added protections against intrusions.

"Even when you’re on the other side of your country, your laptop will have no idea if your network is nearby and it will continue trying to find it. These broadcasts will allow people nearby to determine your network’s SSID," Hoffman wrote.

Filtering by MAC Address

Media Access Control, or MAC addresses, are identifiers unique to every device that connects to a wireless network. One common piece of advice offered for protecting Wi-Fi systems is to restrict access to the network based on MAC addresses of authorized devices. Hoffman says this technique is useful for making the network more difficult to connect to - especially for newly obtained devices or those of welcome guests attempting to use your wireless connection - but ultimately provides no additional security for the network.

"People within range of your network can sniff your Wi-Fi traffic and view the MAC addresses of the computers connecting. They can then easily change their computer’s MAC address to an allowed MAC address and connect to your network," Hoffman said.

Using Static IP Addresses

In addition to the notion that hiding SSIDs and filtering by MAC address are essential to Wi-Fi security, Hoffman points out that many believe using static IP addresses is a necessary precaution. Routers automatically assign an IP address to devices when they connect to the network. By disabling this option, users attempting to connect to a network would be required to manually enter an IP address for the device, but Hoffman says this does nothing to prevent unauthorized access.

"There’s no point in doing this. If someone can connect to the wireless network, it’s trivial for them to set a static IP address on their computer. In addition to being extremely ineffective, this will make connecting devices to the network more of a hassle," Hoffman wrote.

WPA2 Encryption and Strong Passwords are Essential

So what does work to secure your Wi-Fi? Hoffman suggests it's as simple as using the right encryption option in conjunction with a strong password. Most routers offer the choice of using WEP as an option to accommodate older devices, but the outdated encryption protocol can be cracked with little effort.

Hoffman recommends enabling the WPA2 encryption option to properly secure the wireless network, but this will only be effective if the user also chooses a very strong password or passphrase with at least 15-20 characters, as opposed to the default minimum of eight characters. These two factors are the key to securing your Wi-F, and will prevent headaches when attempting to access the network with new devices, or from those of an authorized guest. Pretty simple, straight-forward advice.

"Assuming you’re using WPA2 with a strong password, you’re all set. You don’t have to put up with the hassle of hidden SSIDs, MAC address filtering, and static IP addresses to secure your network," Hoffman concluded.

Share this post:

You May Also Be Interested In:

Anthony M. Freed is an information security journalist and editor who has authored numerous feature articles, interviews and investigative reports which have been sourced and cited by dozens of major media outlets, including The New York Times, Reuters, The Register, Financial Times of London, MSNBC, Fox News, PC/IT/Computer/Tech World, eWeek, SC Magazine, CSO Magazine, Federal News Radio, The Herald-Tribune, Naked Security, and many more. Anthony was the Managing Editor of Infosec Island, an online community designed for IT and network professionals who manage security, risk and compliance issues.